Alternative approach to the generation of a unique response to a challenge

ABSTRACT

According to an aspect of the invention, there is provided a device for generating a unique response to a challenge, the device comprising: a plurality of structures, each structure being able to change from a first distinct state, to a second distinct state, in response to an appropriate input challenge; the device being arranged to facilitate a challenge of the plurality of structures in combination, by changing an input to the plurality of structures in combination, to cause each structure of the plurality of structures to change from the first distinct state, to the second distinct state; as part of the challenge, the device being arranged to facilitate a measurement of an output of the plurality of structures in combination, in response to the input; wherein the unique response is at least indicative of a sequence in which the change in state takes place for each of the plurality of structures, in response to the input.

The present invention relates generally to an alternative approach tothe generation of a unique response to a challenge, and in particular toa related device and method for generating a unique response to achallenge.

Generating a unique response to a challenge is often important for anumber of reasons. The unique response can be used to provide or check aunique identifier associated with a device that is challenged, forexample for authentication purposes or for checking, using orestablishing a cryptographic key or similar. Indeed, a cryptographic keymight alternatively or additionally be defined or described as a uniqueidentifier, this identifier being linked to or derived from a uniqueresponse to a device that is challenged in some way.

A device that provides such a unique response can be described as, or bedescribed as comprising, providing or forming a unique, difficult toclone (physical) function. This function can easily and repeatedly beread, and so can be used to identify or authenticate the device, or anobject which the device is connected to or forms a part of. A physical(sometimes referred to as physically) unclonable function is oftenreferred to as a PUF.

Typically, a physically unclonable function is provided on the basis ofwhat would commonly be described as macroscopic physical principles. Forinstance, a physically unclonable function may be based on minutechanges in quartz crystal oscillation frequency between differentcrystals, or the different capacitances between different devices as aresult of different thicknesses of layers constituting those differentdevices, or the identification of anomalies (e.g. dead cells) in anarray of memory cells. There is little doubt that these approaches dowork in practice, in some applications. However, they do, nevertheless,have disadvantages. In more recent years, it has been realised thatphysically unclonable functions may be based on quantum mechanicaleffects, for example quantum mechanical confinement. Such quantumphysically unclonable functions offer advantages over macroscopicphysically unclonable functions. However, existing approaches in bothquantum and macroscopic physical unclonable functions mean that it issometimes difficult to easily, readily and repeatedly generate a uniqueresponse to a challenge of a device (the device being or comprising thephysically unclonable function). For example, in a macroscopicenvironment, it may be quite difficult to repeatedly, quickly andaccurately determine changes in quartz crystal oscillation frequenciesbetween different crystals, and to obtain the unique response and arelated unique identifier Or, it may be difficult to quickly and easilymeasure different capacitances between different devices as a result ofdifferent thicknesses, and so on. In a quantum physical unclonablefunction, it may be difficult to quickly, and easily differentiatebetween peaks in input-output characteristics, those peaks being used togenerate a related unique identifier.

While it is not impossible to overcome these problems, possiblesolutions might require more specialist equipment or approaches,increasing cost or complexity, or simply require more time or processingpower to implement.

In example embodiments of the present invention, it is as example aim toat least partially avoid or overcome at least one disadvantage of theprior art, whether that advantage is identified herein or elsewhere, orto at least provide an alternative to devices and methods of the priorart.

According to the present invention, there is provided apparatus andmethodology as set forth in the claims that follow. Other features ofthe invention will be apparent from the dependent claims, and from thedescription that follows.

According to an aspect of the invention, there is provided a device forgenerating a unique response to a challenge, the device comprising: aplurality of structures, each structure being able to change from afirst distinct state, to a second distinct state, in response to anappropriate input challenge; the device being arranged to facilitate achallenge of the plurality of structures in combination, by changing aninput to the plurality of structures in combination, to cause eachstructure of the plurality of structures to change from the firstdistinct state, to the second distinct state; as part of the challenge,the device being arranged to facilitate a measurement of an output ofthe plurality of structures in combination, in response to the input;wherein the unique response is at least indicative of a sequence inwhich the change in state takes place for each of the plurality ofstructures, in response to the input.

Each structure, or more than one structure challenged in combination,may exhibit non-linear behaviour in terms of an input-outputcharacteristic. Optionally, the input-output characteristic may comprisea change in an input sequence versus a change in a sequence in which thechange in state takes place for each of the plurality of structures, inresponse to the input.

The non-linear behaviour may be such that a change in an input accordingto a first input sequence, from a first level to a second level, resultsin a first sequence in which the change in state takes place for each ofthe plurality of structures, in response to the input; and such that achange in an input according to a second input sequence, back down fromthat second value to that first value, results in a second, differentsequence in which the change in state takes place for each of theplurality of structures, in response to the input, and in which thesecond sequence is not simply a reverse of the first sequence.

The non-linear behaviour may be such that a change in an input accordingto a first input sequence, from a first level, to a second level, to athird level, results in a first sequence in which the change in statetakes place for each of the plurality of structures, in response to theinput; and such that a change in an input according to a second inputsequence, from the same first level, to a fourth level, to the samethird level, results in a second, different sequence in which the changein state takes place for each of the plurality of structures, inresponse to the input.

The structures may be nominally the same.

The device may be fabricated such that a single structure of theplurality of structures cannot be readily challenged in isolation.

The unique response may also be at least indicative of another propertyof an input-output characteristic of a structure, or more than onestructure challenged in combination, other than the sequence in whichthe change in state takes place for each of the plurality of structures,in response to the input. Optionally, the another property may be atleast indicative of a part of a shape of an input-output characteristicfor a structure, or more than one structure challenged in combination.

The device may be arranged to facilitate a challenge of all structuresin combination, or a selectable sub-set of the structures incombination.

The device may comprise a first part, comprising one or more of thestructures, but not all of the structures, and a second part, comprisinga remaining number of the structures, and the first and second parts arereadily connectable and/or separable to selectively assemble ordisassemble the device, allowing structures from the first and secondparts of the device to be challenged in combination, or to prevent suchcombined challenge.

The first part may be located in a secure environment, relative to thelocation of, or the ability to locate, the second part of the device

The first part (optionally only the first part) of the device may bearranged to facilitate the measurement of the output of the plurality ofstructures in combination, in response to the input.

The first part (optionally only the first part) of the device may bearranged to facilitate a check of whether the sequence in which thechange in state takes place for each of the plurality of structures, inresponse to the input is an expected sequence.

The expected sequence may be when the first part and the second part arean intended or secure first part, and an intended or secure second part,and an unexpected response is when the first part and the second partare an unintended or unsecure first part, or an unintended or unsecuresecond part.

Each structure may be: an electrical component, to be challenged with aninput and provide an electrical output in response to that challenge,optionally exhibiting negative differential resistance, optionallycomprising a diode; or an optical component, to be challenged with aninput and provide an optical output in response to that challenge; or amagnetic component, to be challenged with an input and provide amagnetic output in response to that challenge; or a mechanicalcomponent, to be challenged with an input and provide a mechanicaloutput in response to that challenge.

According to an aspect of the invention, there is provided a method forgenerating a unique response to a challenge, the method comprising:challenging a plurality of structures in combination, by changing aninput to the plurality of structures in combination, to cause eachstructure of the plurality of structures to change from a first distinctstate, to a second distinct state; as part of the challenge, measuringan output of the plurality of structures in combination, in response tothe input; wherein the unique response is at least indicative of asequence in which the change in state takes place for each of theplurality of structures, in response to the input.

It will be appreciated that different features of different aspects maybe used in combination with one another, and/or in place of one another.

For a better understanding of the invention, and to show how embodimentsof the same may be carried into effect, reference will now be made, byway of example, to the accompanying diagrammatic figures in which:

FIG. 1 schematically depicts prior art apparatus for generating a uniqueresponse to a challenge;

FIGS. 2 and 3 are graphs depicting different unique responses tochallenges obtained using the apparatus of FIG. 1;

FIG. 4 schematically depicts general principles associated with anapproach to generating a unique response to a challenge, according toexample embodiments of the invention;

FIG. 5 schematically depicts a device, challenge and response inaccordance with an example embodiment;

FIG. 6 schematically depicts possible combinations of switching ordersof structures of FIG. 5;

FIG. 7 schematically depicts a device, challenge and response accordingto a different example embodiment;

FIG. 8 schematically depicts possible combinations of switching ordersof structures of FIG. 7;

FIG. 9 schematically depicts a device, challenge and response accordingto a different example embodiment;

FIG. 10 schematically depicts possible combinations of switching orderof structures of FIG. 9;

FIG. 11 schematically depicts a potential practical implementation ofprinciples associated with the present invention, in a first state;

FIG. 12 schematically depicts a potential practical implementation ofprinciples associated with the present invention, in a second state;

FIG. 13 schematically depicts a device according to example embodiments,in combination with apparatus for detecting switching of structures inthat device, according to example embodiments;

FIG. 14 schematically depicts a device according to example embodiments,in combination with apparatus for detecting switching of structures inthat device, according to example embodiments;

FIG. 15 schematically depicts non-linear switching principles associatedwith embodiments of the invention;

FIG. 16 is a graph schematically depicting reasoning for the non-linearswitching principles of FIG. 15;

FIGS. 17 and 18 depict further principles associated with thenon-linearity of switching orders of structures of a device, accordingto example embodiments;

FIG. 19 schematically depicts general apparatus principles associatedwith example embodiments of the present invention;

FIG. 20 schematically depicts a variation on the apparatus principlesshown in and as described with reference to FIG. 19, according toexample embodiment; and

FIG. 21 schematically depicts general method principles associated withembodiments of the present invention.

FIG. 1 schematically depicts prior art apparatus for generating a uniqueresponse to a challenge. The apparatus comprises a configurable array ofresonant tunnelling diodes 2. This array functions as the physicallyunclonable function, discussed above. The array of diodes 2 may bechallenged by appropriate control of an input voltage from a variablevoltage source 4. An output current is measured by an ammeter 6. In thisway, different voltages can be provided to a specific configuration ofdiodes of the array 2, and an output measured by the ammeter 6. A uniqueresponse can therefore be obtained, for example from a voltage-currentcharacteristic.

FIG. 2 shows what sort of form the unique responses might take, inparticular an input-output voltage-current characteristic. For instance,it can be seen when a particular diode is challenged, a particularinput-output characteristic 10 is obtained, in this case, with aparticular peak at around 0.3V and a particular drop-off at just above0.6 volts. In contrast, when another, different particular diode ischallenged, its input-output characteristic 12 is quite different, witha particular peak at around 0.6V. When these two different diodes arechallenged in combination, and in particular in parallel, a differentinput-output characteristic 14 is obtained, with numerous peaks between0.3V and 0.6V. The exact details of the characteristics 10, 12, 14 arenot particularly important for discussion here, except from the factthat it can be seen that they are particularly different andparticularly unique. Therefore, these unique responses to inputchallenges can either be a unique identifier for each diode orcombination of diodes, or the unique identifier can in some way bederived from these characteristics. This shows how the diodes can formor be a physically unclonable function.

In can already been seen from FIG. 2 that at least with the approachshown, it may not be readily possible to quickly and easily distinguishfrom, say, a peak in the second characteristic 12 at 0.6V, and a peak inanother characteristic 14 at 0.6V. Also, it may be difficult to easilyqualify or quantify the numerous different peaks in the othercharacteristic 14, for use in generating a unique identifier or similar.The overall message, then, is that while the characteristics 10, 12, 14are unique, and are potentially very powerful in terms of providingunique identifiers, it may nevertheless be quite difficult to quickly,easily, repeatedly or simply practically generate unique identifiersusing such characteristics, for example for use in generating a uniqueidentifier or checking against a previously obtained unique identifier.

FIG. 3 shows how the problems associated with FIG. 2 are even morepronounced when the number or combination of possible unique identifiersderivable from a device is increased, where it becomes even moredifficult to easily, quickly and practically distinguish from a largenumber of unique characteristics 20 that are derivable from the devicein question.

According to aspects of the present invention, it has been realised thatone or more problems associated with prior art approaches can be avoidedor overcome. This is achieved by using a device (e.g. a physicallyunclonable function) that comprises a plurality of structures, eachstructure being able to change from a first distinct state to a seconddistinct state, in response to an appropriate input challenge. Thephysically unclonable function may be a device for generating a uniqueresponse to a challenge, or form part of that device. The device isarranged to facilitate a challenge of the plurality of structures incombination, by changing an input to the plurality of structures incombination, to cause each structure of the plurality of structures tochange from the first distinct state, to the second distinct state.Facilitating, in this context, might mean that the device performs thechallenge, or is in some way constructed or fabricated to allow for thatchallenge to be undertaken. The changes in state (i.e. switches instate) could be from a relatively low conducting state to a relativelyhigh conducting state, or from a non-resonant electrical, mechanical,magnetic or optical state to a respective resonant state, or from anemitting state, to a non-emitting state, and so on. In other words,there is a distinct change or switch in state of the particularstructure or structures. As part of the challenge, the device isarranged to facilitate a measurement of an output of the plurality ofstructures in combination, in response to the input.

Key to the invention is that the unique response is at least indicativeof a sequence (e.g. an order) in which the change in state takes placefor each of the plurality of structures, in response to the input. Thatis, the unique response is not solely dictated by measuring oridentifying a peak in a characteristic, or a gradient, or a trough, andso on, but is instead about noting or using a sequence in whichswitching (changing of state) of structures takes place. Effectively,then, the invention relates to a time-resolved measurement procedure(e.g. changing an input sequence), as opposed to a continuousmeasurement procedure that might be needed to, for example, find a peakin an I-V or V-I characteristics. An output sequence may be far easierto determine and generally process.

FIG. 4 schematically depicts general operating principles associatedwith a device according to example embodiments. In this particularexample, the device 30 comprises a plurality of (e.g. resonanttunnelling) diodes 32 connected in series. Such diodes, and indeed othertypes of diodes, exhibit negative differential resistance, and so switchbetween distinct states of resistance/current flow. Of course, otherstructures may be used that change from one state to another dependingon an input, for example other structures exhibiting negativedifferential resistance, bistability, and so on.

Referring back to FIG. 4, a challenge-response characteristic is shownin the form of a current-voltage (I-V) characteristic 34. Each peak inthe characteristic 34 corresponds to a structure (in this case diode 32)of the device 30 switching from a relatively high to relatively lowresistance in order of increasing peak (input) current.

Without having some prior knowledge of the diodes 32, and in particulartheir individual I-V characteristics, there is no way to tell in whatparticular order the diodes will switch. This is particularly true whenthe structures (in this case diodes) are nominally the same, in thatthey have been fabricated to be identical, for all intents and purposes.In practice, however, due to imperfections at macroscopic, microscopicor even quantum levels, the structures are not identical and willactually switch at slightly different input currents. In the prior artapproaches, it was these different peak switching points which could beused as unique responses, for unique identification purposes, but thiswas sometimes difficult to implement in a practical manner. However, inaccordance with example embodiments, the order in which the switchingtake place for each structure is far more readily determined. Therefore,measuring and determining the order 36 in which each structure 32switches according to the combined characteristic 34 offers an improvedapproach to the generation of unique responses to a challenge, andtherefore the related generation of a unique identifier, either forestablishing that unique identifier, or for cross-checking orauthenticating that unique identifier.

When the devices are normally the same, even if there is an expectedswitching point it will, again, not be possible to determine the exactpoint until an individual device is challenged. There may also be subtleinterplay between the structures which means that if the switching peaksor points are very close together, the actual order of the switching ofthe structures may not be as expected when challenged in combination, asopposed to when challenged in isolation. All considered then, looking atthe switching order of structures in combination may lead to a morepractical, and even better approach than with prior art techniques.

The device will typically be fabricated such that a single structure ofthe plurality of structures cannot be readily challenged in isolation.This is so that the structures cannot be characterised in isolation,which could give an indication of the switching order of a combinationof structures. This approach may not be unique to the invention, but maybe typical of manufacturing techniques, for example a diode array, whereit is simply not possible or easily practical to challenge a very small,isolate diode in amongst the array, or simply electrical components ingeneral, which are often sealed, encapsulate or otherwise generallyphysically isolated from a surrounding environment.

As discussed above, key to the present invention is that the uniqueresponse is at least indicative of a sequence in which the change instates takes place for each of the plurality of structures of thedevice, in response to the input. This determination of switchingsequence or switching order, and its benefits, will now be described inmore detail.

FIG. 5 schematically depicts the same device 30 as discussed above, incombination with the same characteristic 34. Peaks in the characteristichave been labelled 1-4 correspond to each of the four peaks in thatcharacteristic 34, and each structure of the device has also beenlabelled 1-4, to correspond with the associated peak in thecharacteristic 34. Very quickly and simply, this shows that thestructures of the device 30, when challenged in combination, switch in aparticular order with increasing input current. The order may be fareasily and simpler to determine and use as, or provide an input to thegeneration of, a unique identifier, than for example voltage peaks,switching frequencies, measure of capacitances, and so on.

FIG. 6 is closely related to FIG. 5 and shows the number of differentcombinations of possible switching orders of the diodes of the device ofFIG. 5. As shown in FIG. 5, it is already known that the structures ofthe device switch in a particular order 40, in and amongst the largernumber of possible combinations of switching order or sequence 42.

Since four diodes or structures constitute the device, and since thereare a related number of peaks in the switching characteristic, there are4! (4-factorial) possible combinations of switching sequences, if alldiodes are challenged in combination. That is, there are 24 possiblecombinations. Therefore, in order to guess, or clone, or attack by forcea device or system utilizing this unique switching order, an attacker orotherwise would have to navigate the 24 possible different combinations42 in order to be sure that they had arrived at the correct combination40.

Depending on how the system is implemented, or the combination or uniqueidentifier is to be used, this hurdle or barrier of differentcombinations itself might provide a practical deterrent to an attackerfor even attempting to clone or break the unique identifier. Forexample, it may simply not be possible to instigate the brute forceattack or otherwise when the possible combinations is of a number in theregion of 24 or so. That is, the time or resource needed may dissuade ordefeat an attacker. However, and as will be explained in more detailbelow, this not only becomes a deterrent, but a practical impossibility,when the number of possible combinations is extremely high.

FIGS. 3 to 6 already show how the order in which structures switch froma first distinct state to a second distinct state cannot only be used asa useful unique identifier (or an identifier can be derived from thatorder), but one that can be quite quickly and practically determined.However, the approach brings other advantages, as will now be described.

FIG. 7 shows a scenario in which the device described above has,effectively, been split into two parts: a first part 30 a comprising twoof the diodes, and a second part 30 b comprising the remaining twodiodes. Each part 30 a, 30 b will have an associated challenge-response,input-output characteristic 50, 52. Again, as above, the peaks in thesecharacteristics are labelled to correspond with the structure associatedwith that peak.

The device is not split for arbitrary purposes. There are practicalbenefits. In a prior art approach, a single device or physicallyunclonable function may itself contain all information necessary tocircumvent the unique identifier provided by that device, or to simplyobtain the unique identifier provided by that device. According to FIG.7, by splitting the device, it is made more difficult for a single partyto retain both parts 30 a, 30 b. Indeed, one part 30 a of the device maybe maintained in a more secure environment 54, and the other part 30 bmay be free to use, for example by a user. A simplistic way of viewingthis scenario, and expanded upon further below, is that the part of thedevice 30 a located in a secure environment 54 might be part of acomputer or other system, likely being the part that facilitates thechallenge of the structures. This might be viewed as a lock-likeenvironment or similar. In contrast, the second part 30 b may beportable, or in the hands of a user, for example being a memory stick,or activation device or similar. While it may be relatively easy toobtain and inspect the second part of the device 30 b, it may be moredifficult or even impossible to readily inspect the first part of thedevice 30 a located in the secure environment 54.

In an approach to the generation of unique identifiers that does notinvolve determining a switching order or sequence, numerous differentpossibilities arise. For example, looking at the position of peaks in acharacteristic. A suggestion is to calculate a statistical average ofthe peak position and implement a threshold value below which theresponse is considered 0, and above which the response is consideredas 1. In contrast, a benefit of using a switching order is that there isno need for an arbitrary (or empirically determined) threshold to beset, because the structures themselves act as the thresholding element(e.g. by switching). This means that you need both parts of the device(PUF) to get the correct response, because each individual part of thedevice, including structures within those parts, take part in the“decision” on (i.e. influence) which structure switches first, and theorder in general for all structures.

As discussed above, FIG. 7 shows that each particular part 30 a, 30 b ofthe device has a particular input-output characteristic 50, 52. In thefirst part of the device 30 a, it can be seen that the first structureswitches before the fourth structure. In the second part of the device30 b, it can be seen that the second structure switches before the thirdstructure. Therefore, we have a switching sequence 1-4, and, separately,2-3. Important to understand is that the switching sequence of thesedevices when combined with one another and challenged in combination isnot simply the juxtaposition or bringing together of the switchingsequences, i.e. 1-4-2-3. Instead, and as shown in FIGS. 5 and 6, theactual sequence is 1-2-3-4. That is, the overall switching order cannotbe known without challenging all structures—i.e. without having accessto both device parts in combination.

An important point to note is that even if the second part of the device30 b is compromised, so that an attacker can determine the switchingorder of structures in that part of the device 30 b, it is still notpossible to instantly know what the switching order of the combinedstructure 30 a, 30 b will be. Instead, knowledge of the switching order2-3 of the second part of the device 30 b simply rules out particularcombinations of switching sequences for a would-be attacker, as shown nFIG. 8. In other words, when the switching sequence of one part 30 b ofthe device is known, the number of possible combinations that anattacker needs to attempt to overcome the security (uniqueidentification) that the combined device provides is reduced. However,the attacker still needs to try a reduced number of combinations inorder to overcome the security—i.e. there is still a degree of securityprovided, since the attacker does not know in which order the structuresof the first part of the device 30 a switches. FIG. 8 shows that in thisscenario, instead of there being 24 possible combinations that need tobe attempted, only 12 possible combinations are required. Again, thisnumber of combinations might still be a deterrent or practicallyinsurmountable challenge for an attacker. The attacker might not havethe will, time, or resource to overcome the problem these combinationsprovide. Again, though, this is particularly true when the number ofcombinations is impractically large, as discussed in further detailbelow.

FIGS. 9 and 10 schematically depict much the same situation and scenarioas already shown in and as described with reference to FIGS. 7 and 8.However, in FIGS. 9 and 10, the first part of the device 30 a is nolonger located in a secure environment. This could be in a literalsense, in that the first part of the device 30 a is simply not locatedin an environment in which security is somehow increased. Or, FIG. 9could represent a scenario where the secure environment has somehow beenovercome or circumvented. In any event, FIG. 9 shows that the two partsof the device 30 a, 30 b have been compromised, so that the switchingorder of each device in isolation is known. However, the switching orderof the device when challenged in combination—that is, when the two partsare connected—is still not known.

FIG. 10 shows that in this scenario, there are still 6 possiblecombinations of switching order that an attacker would need to attemptin order to be guaranteed of realising the correct switching order 40(1-4-2-3). This demonstrates that, again, even if both parts of a splitdevice are compromised, for example by the same or different parties,the overall security provided is still not completely circumvented. Thatis, different combinations of attack still need to be attempted, inwhatever manner, in order to achieve or realise the correct switchingorder. As above, 6 particular combinations could be a sufficientdeterrent, in terms of practicalities, for an attacker to attempt toovercome or attempt to simulate or force. However, in perhaps a morepractical or realistic approach, where the combinations may be farhigher, an attack might be practically impossible, as discussed infurther detail below.

FIGS. 11 and 12 depict expanded and/or more practical implementations orscenarios of the above-described principles. The first part of thedevice 30 a and second part of the device 30 b are, again, shown asbeing separated or split from one another. The first part of the device30 a is located in a secure environment 54. This might be described as alock or a device comprising such a lock or similar. This secureenvironment 54 might be a more secure physical environment, for examplein terms of it being more difficult to physically access the first partof the device 30 a, or may be in some way a more virtual secureenvironment, in for example it being more difficult to gain access tochallenge or response information of the first part of the device 30 a.Because the first part of the device 30 a is located, or perhaps evenlocatable, in a more secure environment 54, this means that the firstpart of the device 30 a is better suited to facilitating the measurementof the output of the plurality of the structures (e.g. from both partsof the device 30 a, 30 b) in response to the input.

Given the more secure location 54, the first part of the device 30 amight comprise or at least be in connection with a controller or similar60 which is arranged to challenge the device in combination 30 a, 30 b.The controller may provide an output of a determined switching order, orperhaps an output indicative of a check or otherwise relative to thatorder, for example that the detected order is an expected order orresponse. This means that the more secure part or side of the device 30a is in a better position for determining whether a detected sequence isan expected sequence, in which the first part 30 a and second part 30 bare an intended or secure first part 30 a and an intended or securesecond part 30 b, or an unexpected response in which the first andsecond parts are unintended or unsecure first and second parts. Inessence, this is a safer approach in that not only is a part of thedevice kept more secure in terms of its unique identifier (i.e.switching order) or part thereof, but any processing in relation to thechallenge-response, input-output is undertaken on, from or via the moresecure side of the device or method.

FIG. 11 shows that the second part of the device 30 b might form somesort of key 62 or similar which is engageable with the lock-like portionof the secure side 54 via one or more electrical connectors or similar64. The connectors 64 allow the first part 30 a and second part 30 b tobe relatively connectable and connected, and disconnected, or puttogether and separated, or similar. This readily facilitates, orprevents, the combined challenged of the structures of both parts 30 s,30 b.

FIG. 12 shows that the key 62 is put in combination with the more securelock 54 in order for the challenge of the combined structures or parts30 a, 30 b to be undertaken by the controller 60. The controller 60might provide an output 66, as required. As alluded to above, the output66 could include or be indicative of the detected or determinedsequence, or could be an activation signal or pass signal, if thecontroller 60 determines that the switching order is an expectedswitching order. In other words, the controller 60 may be aware of acorrect order for a given input, if the structures of the first part andsecond part are as intended. If not, the output can reflect that, orthere may be no output, since this may indicate that one or both parts30 a, 30 b are not functioning as intended, or are not the parts thatwere intended or expected.

Although not shown, the controller might include a power (e.g. voltageor current) source for challenging the diodes, or such a power sourcecould be provided separately and be in connection with the controller.

FIGS. 11 and 12 schematically depict a broad and general key-lockarrangement. In a practical sense, this may indeed be a practicalimplementation where the lock cannot be unlocked or otherwise activatedwithout the correct key. This rather basic principle could be expandedupon as might be expected, where for example the key is a key to avehicle or device, and the lock is part of that vehicle or device, andthe vehicle or device cannot start or be activated unless the correctkey is used (i.e. the correct switching sequence is detected). Thismight also be further expanded upon to systems or assemblies whichcomprise multiple parts, for example a battery and a connector or abattery and a vehicle. If the component parts, each comprising differentparts of the physical unclonable function device, are not as intended,and do not bring about the expected switching sequence, the overallsystem may not be allowed to function, or may only be allowed tofunction in a reduced state.

Similarly, each part could form part of a serial number for an object,the serial number only being complete when the parts are together, andthe unique identifier generated. That is, the switching order of thecombined parts is, or is representative of, a unique serial number. If apart of the device is cloned, then the switching order is changed, andthe unique serial number is not realised.

It will be appreciated that a device comprising two parts has beendiscussed above. More than two parts may be used, of course.

The order in which the structures switch or flip from a first distinctstate to a second distinct state may be measured, determined or detectedin any one of a number of different ways, depending on the practicalimplementation of the invention and/or the underpinning structures ortechnologies.

FIG. 13 shows an example where a device according to example embodimentscomprises a number of diodes in series 70. In this particular case, thediodes are light-emitting diodes. The order in which the diodes switchmay be determined via an optical sensor 72 or optical sensor array. Ifthe structures are always used in combination and made in that way, thenthe detector 72 may also be made and used in a similar manner, forexample as part of the overall device. Alternatively, the detector 72may be used separately, or even only used or brought into proximity withthe array 70 as and when a switching sequence is to be detected ordetermined. If and when the device is split, as discussed above, into anumber of parts, then the detector may also not be a single detector,but may comprise multiple parts, connectable to one another eitherphysically or electrically. Or, the detector may be a single detector,able to detect emission from the diodes 70 when they are located andchallenged in combination.

While FIG. 13 has been described in relation to the used oflight-emitting diode, optocouplers could be used instead. An optocouplermight comprise an infra-red light-emitting connected to aphototransistor/photodiode, and the response from the structures ordevice may come as a digital electrical signal (HIGH/LOW) instead of asa lit visible light-emitting diode. In other words, a dedicated orsomewhat separate light detector or detector array may not be needed,even though light is still involved indicating the switching of astructure.

FIG. 14 depicts a different example where there is a parallel array ofstructures (in this case diodes) 80 arranged in series, a multiplexer orcontroller 82 and a power source 84. This Figure depicts a number ofdifferent principles, which may be understood and used in isolation orcombination. One principle is that different combinations of structures(diodes) in the series may be challenged separately by appropriatecontrol of the inputs to the different series of structures, therebydetermining different switching sequences, one for each subset ofstructures of the overall set of structures. In other words, thecombination of structures that are challenged in any embodiment does notnecessarily need to be the entire number of structures.

Challenging a small subset of the structure will not increase the numberof possible combinations (e.g. possible switching sequences).Nevertheless, challenging a subset instead of the whole set can help toprevent attacks in which a nefarious party or attacker can be“eavesdropping” to the communication and trying to mimic it afterwards.This is because, as described herein, knowing the switching sequence ofstructures for a certain first input does not mean that the switchingsequence for a second, different input can derived.

FIG. 14 also depicts or alludes to the fact that the switching order ofthe structures could be determined in ways other than via optical means.For example, the switching sequence can be determined electrically, forexample by a CCD or similar in close proximity to the switchablestructures, the CCD detecting switching based on capacitive coupling.Other electrical approaches to detection are possible, of course. Oneapproach would be to measure the voltage dropped over each structure(e.g. diode) as the voltage across the whole chain or series of diodesis increased or, in general, changed. As the diodes switch they will goto a high resistance state (large voltage drop), for example when thevoltage input is increasing. Resources for facilitating the detectionmight be simple, but will need to scale with the number of structures.Another approach is to use a small (AC) voltage pulse, on top of, forexample, an input DC bias that is swept across the device. At everypoint of high impedance (high resistance) a portion of the AC pulse isreflected back, and correlating the time of arrival of these reflectionsmakes it possible to determine which structure (e.g. diodes) haveswitched. Resources for facilitating the detection might not be assimple as voltage drop detection, but will, however, not need to scalewith the number of structures.

If the structures switch mechanical states, sensing may be via opticalmeans, or perhaps via a mechanical (e.g. frequency, stress or strain)sensor. A magnetic sensor may be used for magnetic structures, and soon.

Embodiments of the invention described so far have been described inrelation to a scenario in which the device comprises four structures. Ifno part of the device is compromised, there are 24 possible combinationsfor an attacker to guess or force in any attempted attack orcircumvention of the unique identifier. This can of course be expandedupon in terms of it being readily possible to increase the number ofstructures in a practical implementation.

Following on from the principles discussed above, the number of possiblecombinations (P_(n)) with no prior knowledge of the switching order ofany one or more structures of the device is, when all structures (n) arechallenged in combination:

P _(n) =n!  (1)

The number of possible combinations (V_(n,m)), if the switching order ofa subset (m) of the structures (n) is known is:

V _(n,m) =n!/(n−m)!  (2)

Further still, the number of possible combinations (C_(n,m)), assumingthat the switching order of both subsets of the device (e.g. both partsof the device) is known, but not the order in combination, is:

C _(n,m) =n!/[m!*(n−m)!]  (3)

The table below gives some numerical examples, expanding on the aboveprinciples.

TABLE 1 n m P_(n) V_(n, m) C_(n, m) 6 3 720 120 20 8 4 40320 1680 70 105 3628800 30240 252 20 10 3.4*10¹⁸ 6.7*10¹¹ 184756

It can be seen that for even a relatively small number of structures(n=6) there are still twenty possible combinations, even when allswitching orders of all subsets of the device are known, but not incombination. Depending on how any attacker might seek to overcome anysecurity or otherwise provided by the unique identifier, this mightstill be a practically insurmountable hurdle, or at least a deterrent,especially when the attacker does not actually know in advance that thepossible combination is only twenty. For instance, the attacker may notknow that the possible combinations could be, or is, an order ofmagnitude higher. An important point to realise is that the attackerwill probably realise that there is still another unknown element of the(split) device, and a relatively large number of combinations that needto be attempted, in order to overcome any security that is provided.

Another important principle that the table demonstrates is that it isextremely easy to increase the number of structures by less than anorder of magnitude, and yet, due to the factorial relationship, reveal apossible set of combinations which is practically insurmountable. Viewedin a more practical way, if there are 20 structures in the device, andit takes only one microsecond to force or attempt a combination attack,it would still take approximately 770 centuries to attempt all possiblecombinations. In other words, by using an eminently and easilyachievable number of structures, the security provided is practicallyinsurmountable.

As discussed above, the practicalities of using a switching order togenerate unique response are beneficial, and yet the security which isprovided can be difficult to overcome, and in some instances physicallyimpossible to overcome. This is, at least in part, because of the n-!(n-factorial) relationship. This n! relationship assumes that there is alinear relationship in the switching sequence, in that for example asweep-up of input values or a sweep-down in input values will lead to afirst switching sequence and then a reversed, mirror-image switchingsequence. For many structures and related devices, however, this linearrelationship is not actually what happens in practice. The behaviour oreach structure, and therefore each structure in combination whenchallenged, is actually non-linear. In other words, each structure, ormore than one structure challenged in combination, exhibits non-linearbehaviour in terms of an input-output characteristic. This is true ofany structure in which different states can be reached with the sameinput values, or in other words there is perhaps a hysteresis in termsof the inputs and outputs provided to the structure. A good example ofthis is the negative differential resistance exhibited by certainelectrical components, for example certain diodes, as is shown inresonant tunnelling diodes and similar devices. Because of thisnon-linearity, the number of possible combinations is not necessarilyn!, but instead this n! is a lower band or level, and an upper band isactually (n!)², which vastly increases the number of possiblecombinations depending on how the device is challenged and the sequenceis determined.

FIG. 15 demonstrates this principle very schematically in that there isa device comprising seven diodes connected in a series 90. Whenchallenged with a ramping up or increasing input sequence there is afirst switching order 92 of the structures: 4-1-3-6-5-7-2. However, whenthis very same input is then ramped back down or reversed, there is thena second different 94 switching sequence 2-1-3-5-7-6-4. In other words,the sequence 92 is not simply the reverse of the sequence 94, again dueto non-linearity of the systems and structures in play.

FIG. 16 schematically depicts a graph that depicts the non-linearbehaviour 100 in that an I-V characteristic of the diodes challenged incombination is out of phase in terms of the forward 102 and reverse 104input sweeps.

It would appear there is a correlation between the peak current (whichdetermines an upward switching order) and the valley current (whichdetermines the downward switching order). If the structures aredifferent enough it is likely that both switching sequences or orderswill coincide, which means that the number of combinations will approachthe n! relationship discussed further above. If, however, the structuresor devices are normally the same or identical, the switching order orsequence going up and going down can be very different due to theinterplay between structures and the proximity of their switching peaksor points.

FIG. 17 is a plot of all the different combinations of switchingsequences that may be obtained using the device of FIG. 15, depending onhow the input sequence is increased, and decreased, and to which pointsthe input sequence is increased, and from which point the input sequenceis decreased, all due to the non-linearity, hysteresis or history of thedevice (which terms may all relate to one another and or beinterchangeable). Referring to FIG. 17, it can be seen that in a verysimple explanation of the plot, the ramp up or upwards switchingsequence 110 is very different to the down or reverse input sequence112.

FIG. 18 is the same as FIG. 17, but also shows a plurality of otherpaths 120 through the number of possible switching states that thedevice of FIG. 15 can exhibit.

FIGS. 17 and 18 show that the device functions as a state machine.Therefore, it is not just the unique response that is important, but theinput, since different inputs result in different (albeit repeatable)sequences. This further complicates and provides hurdles for any attackon the device. They cannot challenge with an arbitrary input to obtaina/the sole single switching order output. From another perspective, anauthentication might take place with different inputs, or with differentstructures, to obtain different, repeatable outputs to check, ordouble-check or more, that the device (or parts thereof) is (or are) asintended or expected.

The non-linearity described above might be alternatively or additionallydefined as being a behaviour such that a change in an input according toa first sequence, from a first level to a second level, results in afirst sequence in which the change in state of the structures takesplace for each of the plurality of structures, in response to the input,and such that the change in input according to a second input sequence,back down from that second value to that first value, results in asecond, different sequence in which the change in states takes place foreach of the plurality of structures in response to the input. That is,the second sequence is not simply a reverse of the first sequence. Forexample, as an input sequence changes from 0.5V to 1.5V to 2.5V to 3.5Vto 4.5V we might have structures of the device switching in the order1-2-3-4-5. However, when the input sequence is reversed and changed downfrom 4.5V to 3.5V to 2.5V to 1.5V to 0.5V, the diodes do not switch inthe opposite direction or simply in the reverse order. For example, thedevices might switch in the order of 4-1-3-2-0. In other words, anattacker needs to know not only what order might be unique, but whatorder is unique for a particular input.

Due to the inbuilt non-linearity (e.g. hysteresis or history or similar)it is not simply the input value or level that defines the state inwhich the structure or combination of structures is in. Thenon-linearity and therefore history also plays a part. In other words,the non-linear behaviour is such that a change in an input according toa first sequence from a first level to a second level to a third levelresults in a first sequence in which the change in state takes place foreach of the plurality of structures in response to that input, and suchthat a change in an input according to a second input sequence from thesame first level to a (different) fourth level, to the same third level,results in a second, different sequence in which the change in statetakes place for each of the plurality of structures, in response to theinput. Again, then, for the same array of structures, an input sequenceof 0.5V, 3.5V, 2.5V can give a different response (and thereforeswitching sequence) to that of an input sequence of 0.5V, 1.5V, 2.5V,and this is in light of the fact that the structures are the same,connected in the same way, and the starting and ending voltages in eachchallenge are the same.

It is worth noting that the above, discrete, input voltage sequencesalso show how a switching order (as opposed to peak/trough)identification is easier, in that there is no need to make voltagesweeps/ramps, and implemented related control or detection.Specific/discrete voltage levels can be used.

All considered then, the important point is that the non-linearity isnot something that is created, but is an inherent part of a system whichis taken advantage of to increase the number of possible combinations orswitching orders, and therefore the uniqueness of the unique identifierand the security it provides. This leads to a related increase indifficulty required to simulate, attack, circumvent or force the uniqueidentifier or the security it provides.

In all examples so far, the unique identifier has been described asbeing the switching order, or something related to that switching order,for example data or a value that is someway related to or seeded by thatswitching order. However, the switching order could be supplemented bysomething else, so that the unique response is also at least indicativeof another property of an input-output characteristic of a structure, ormore than one structure challenged in combination, which is other thanthe sequence in which the change in state takes place for each of theplurality of structures, in response to the input. This second tier ofsecurity information or unique identification may be useful in simplyproviding further depth or richness to the unique identifier and thesecurity it provides, or a fail-safe, e.g. if the switching sequence isobtained. For instance, and especially when the number of possiblecombinations is relatively low, an attacker may circumvent the switchingorder, simply by brute forcing a combination of switching orders, orswitching numbers, to a device or system that is to be gained access toby force. However, if the unique response also contains information or asecond check based on other aspects of the characteristic, for example apart of a shape of an input-output characteristic of a structure, ormore structures, of the device, this will be far harder to overcome by awould-be attacker. For instance, in addition to the switching order,perhaps the value of one or more peaks or troughs of a single orcombined input-output characteristic could be obtained, or a gradient ofone or more portions of those characteristics, and so on. For instance,an attacker might know or be able to guess or attempt combinations thatthe switching order is 1-4-2-3 of structures of the device, but theattacker may have no way of knowing, or being able to easily or quicklydetermine, the fact that the first diode switches at 0.6V, and the lastdiodes switches at 0.7V, by way of example.

The remaining FIGS. 19-21 depict more general principles associated withthe present invention.

FIG. 19 shows a device 130 for generating a unique response to achallenge. The device 130 comprises a plurality of structures, eachstructure being able to change from a first distinct state to a seconddistinct state in response to an appropriate input challenge.

The device 130 is arranged to facilitate a challenge of the plurality ofstructures in combination, by changing an input to the plurality ofstructures in combination, to cause each structure of the plurality ofstructures to change from the first distinct state, to the seconddistinct state. As part of the challenge, the device 130 is arranged tofacilitate a measurement of an output of the plurality of structures incombination, in response to the input. The unique response is at leastindicative of a sequence in which the change in states takes place foreach of the plurality of structures, in response to the input.

The device 130 might be in connection with, or comprise, a controller132 for, for example, undertaking one or more of a challenge of theplurality of structures as described above, a measurement of the outputof the challenge, or to check that a determined switching sequence is anexpected (or otherwise) switching sequence. A power supply (or otherdriver, for changing state of the structures—not shown) may be provided,as part of the controller, or controller by the controller.

FIG. 20 is much the same as shown in and described with reference toFIG. 19, but where the device comprising the structures is formed of twoparts 130 a, 130 b, which are readily connectable to one another, andseparable from one another, for example to form the lock-key-like systemas described above, or similar.

FIG. 21 schematically depicts general methodology associated withexample embodiments. The method is for generating a unique response to achallenge, the response being, or being used to provide a uniqueidentifier. The method comprises challenging a plurality of structuresin combination by changing an input to the plurality of structures incombination, to cause each structure of the plurality of structures tochange from a first distinct state to a second distinct state 140. Aspart of the challenge, the method comprises measuring an output of theplurality of structures in combination, in response to the input 142.The unique response is at least indicative of a sequence in which thechange in state takes place for each of the plurality of structures, inresponse to the input. This may be part of the measurement step, or maybe a closely related processing step.

It will be appreciated that changes in electrical state, and use ofelectrical components or structures, is not essential. While the use ofelectrical components and challenge-response characterisation in anelectrical manner may be advantageous, for example in terms of thestructures and required processing being able to be undertaken andimplemented relatively easily and cheaply, and in a practical manner,other structures and processes are possible. For example, any structurewhich exhibits distinct changes in mechanical states (e.g.interconnected pendulums, pneumatic valves, elastic or inelasticcomponents), or optical states (e.g. lasing or non-lasing cavities), ormagnetic states (relatively non-magnetic to magnetic) may be used.However, it is generally thought that the use of electrical componentswould be relatively simple and straight forward in comparison withmechanical, optical, or magnetic approaches.

Any ensemble of electronic or electrical devices showing (e.g. N-shaped)negative differential resistance may exhibit the advantageousnon-linearity discussed above. This includes RTDs, Esaki diodes, Lambdadiodes, Gunn Diodes, fluorescent lamps and some vacuum valves. Ofcourse, some of these examples are more practical than others. Even ifnominally identical when made, it is the variability in the fabricationthat makes them switch in a specific order, and therefore being useableas discussed herein.

Although a few preferred embodiments have been shown and described, itwill be appreciated by those skilled in the art that various changes andmodifications might be made without departing from the scope of theinvention, as defined in the appended claims.

Attention is directed to all papers and documents which are filedconcurrently with or previous to this specification in connection withthis application and which are open to public inspection with thisspecification, and the contents of all such papers and documents areincorporated herein by reference.

All of the features disclosed in this specification (including anyaccompanying claims, abstract and drawings), and/or all of the steps ofany method or process so disclosed, may be combined in any combination,except combinations where at least some of such features and/or stepsare mutually exclusive.

Each feature disclosed in this specification (including any accompanyingclaims, abstract and drawings) may be replaced by alternative featuresserving the same, equivalent or similar purpose, unless expressly statedotherwise. Thus, unless expressly stated otherwise, each featuredisclosed is one example only of a generic series of equivalent orsimilar features.

The invention is not restricted to the details of the foregoingembodiment(s). The invention extends to any novel one, or any novelcombination, of the features disclosed in this specification (includingany accompanying claims, abstract and drawings), or to any novel one, orany novel combination, of the steps of any method or process sodisclosed.

1. A device for generating a unique response to a challenge, the devicecomprising: a plurality of structures, each structure being able tochange from a first distinct state, to a second distinct state, inresponse to an appropriate input challenge; the device being arranged tofacilitate a challenge of the plurality of structures in combination, bychanging an input to the plurality of structure in combination, to causeeach structure of the plurality of structures to change from the firstdistinct state, to the second distinct state; as part of the challenge,the device being arranged to facilitate a measurement of an output ofthe plurality of structures in combination, in response to the input;wherein the unique response is at least indicative of a sequence inwhich the change in state takes place for each of the plurality ofstructures, in response to the input.
 2. The device of claim 1, whereineach structure, or more than one structure challenged in combination,exhibits non-linear behaviour in terms of an input-outputcharacteristic.
 3. The device of claim 2, wherein the non-linearbehaviour is such that a change in an input according to the first inputsequence, from a first level to a second level, results in a firstsequence in which the change in state takes place for each of theplurality of structures, in response to the input; and; such that achange in an input according to a second input sequence, back down fromthe second value to that first value, results in a second, differentsequence in which the change in statue takes place for each of theplurality of structure, in response to the input, and in which thesecond sequence is not a reverse of the first sequence.
 4. The device ofclaim 2, wherein the non-linear behaviour is such that a change in aninput according to a first input sequence, from a first level, to asecond level, to a third level, results in a first sequence in which thechange in state takes place for each of the plurality of structures, inresponse to the input; and such that a change in an input according to asecond input sequence, from the same first level, to a fourth level, tothe same third level, results in a second, different sequence in whichthe change in state takes place for each of the plurality of structures,in response to the input.
 5. The device of claim 1, wherein thestructures are nominally the same.
 6. The device of claim 1, wherein thedevice is fabricated such that a single structure of the plurality ofstructures cannot be readily challenged in isolation.
 7. The device ofclaim 1, wherein the unique response is also at least indicative ofanother property of an input-output characteristic of a structure, ormore than one structure challenged in combination, other than thesequence in which the change in state takes place for each of theplurality of structures, in response to the input.
 8. The device ofclaim 1, wherein the device is arranged to facilitate a challenge of allstructures in combination, or a selectable sub-set of the structures incombination.
 9. The device of claim 1, wherein the device comprises afirst part, comprising one or more of the structures, but not all of thestructures, and a second part, comprising a remaining number of thestructures, and the first and second parts are readily connectableand/or separable to selectively assemble or disassemble the device,allowing structures from the first and second parts of the device to bechallenged in combination, or to prevent such combined challenge. 10.The device of claim 9, wherein the first part is located in a secureenvironment, relative to the location of, or the ability to locate, thesecond part of the device.
 11. The device of claim 9, wherein, the firstpart of the device is arranged to facilitate the measurement of theoutput of the plurality of structures in combination, in response to theinput.
 12. The device of claim 9 , wherein, the first part of the deviceis arranged to facilitate a check of whether the sequence in which thechange in state takes place for each of the plurality of structures, inresponse to the input is an expected sequence.
 13. The device of claim12, wherein the expected sequence is when the first part and the secondpart are an intended or secure first part, and an intended or securesecond part, and an unexpected response is when the first part and thesecond part are an unintended or unsecure first part, or an unintendedor unsecure second part.
 14. The device of claim 1, wherein eachstructure is: an electrical component, to be challenged with an inputand provide an electrical output in response to that challenge,optionally exhibiting negative differential resistance, optionallycomprising a diode; or an optical component, to be challenged with aninput and provide an optical output in response to that challenge; or amagnetic component, to be challenged with an input and provide amagnetic output in response to that challenge; or a mechanicalcomponent, to be challenged with an input and provide a mechanicaloutput in response to that challenge.
 15. A method for generating aunique response to a challenge, the method comprising: challenging aplurality of structures in combination, by changing an input to theplurality of structures in combination, to cause each structure of theplurality of structures to change from a first distinct state, to asecond distinct state; as part of the challenge, measuring an output ofthe plurality of structures in combination, in response to the input;wherein the unique response is at least indicative of a sequence inwhich the change in state takes place for each of the plurality ofstructures, in response to the input.
 16. The device of claim 2, whereinthe input-output characteristic comprises a change in an input sequenceversus a change in a sequence in which the change in state takes placefor each of the plurality of structures, in response to the input. 17.The device of claim 7, wherein the another property is at leastindicative of a part of a shape of an input-output characteristic for astructure, or more than one structure challenged in combination.
 18. Thedevice of claim 9, wherein only the first part of the device is arrangedto facilitate the measurement of the output of the plurality ofstructures in combination, in response to the input.
 19. The device ofclaim 9, wherein only the first part of the device is arranged tofacilitate a check of whether the sequence in which the change in statetakes place for each of the plurality of structures, in response to theinput is an expected sequence.